Re: [m0n0wall-dev] FQDN Support for IPsec VPN

From:	vincent at bikost dot com
To:	"sylikc" <sylikc at gmail dot com>
Cc:	"M.Cattaneo" <cattaneo at gmx dot de>, m0n0wall dash dev at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall-dev] FQDN Support for IPsec VPN
Date:	Wed, 19 Jan 2005 16:49:03 -0500 (EST)

(...)

>
> But, as a solution, for the most part, if you are on a DSL/Cable
> connection and you have your endpoints up 24/7, the IPs never change
> IP anyway.  So, just set up your IPSec tunnels with the current IPs
> and you should be fine (I've had my site-2-site running for over 6
> months, no issues)
>

I don't agree 100%: in France for example, most ISP reset the PPPoE
sesion after 7 days to ensure your IP will change at least every week.
They claim it's for security reason, but I believe they lack IP
addresses instead...

Yes, some of them let you always use the same IP address, but it's not
the majority. And in most cases, you have to pay extra fees for this
nice feature.

But you're right: if you can get a DSL connection with a fixed IP, IPSec
will work!

Sorry ;-)

-- Vincent